Allow this type of password protected file
Danita Zanrè
danita at caledonia.net
Thu Sep 22 10:06:40 UTC 2022
Hi Peter,
Yeah - I know - but this is a bank in the Netherlands who insists on
sending these password protected files. I'm not sure how to get the
files to the intended recipient otherwise. This passes through to
another entity's email system (so it's unlikely to harm my own network),
so I'm trying to make them happy. I could simply tell them to have the
bank "change their policies" for them only, but you know what the likely
outcome is to that request.
Danita
Peter Farrow via MailScanner wrote on 9/22/22 11:43:
>
> Dear Danita,
>
> You should NEVER allow password-protected files.
>
> A would be attacker sends a password-protected file, then sends the
> password and the victim opens the file and any malicious content gets
> let into the network "just like that".
>
> Whitelisting the sender means your network security relies on their
> network security. Its not an issue it is "by design".
>
> Pete
>
>
> Peter Farrow BEng(Hons) BBC ETSI
> Office: 01249 736180 | <tel:01249%20736181>
> Mobile: +44 (0) 7799605617 <tel:+44%20%280%29%207799605617>
> Email: peter.farrow at togethia.net <mail:peter.farrow at togethia.net>
> Website: www.togethia.it <https://www.togethia.it>
> <https://facebook.com/togethiait> <skype:peter_farrow>
>
> On 22/09/2022 10:39, Danita Zanrè wrote:
>> Hello everyone. Can someone remind me of what I would need to do to
>> allow these files through, or just whitelist this particular sender?
>> I believe this is probably a "Sophos" issue, but you are my go-to
>> group for solving these issues!
>>
>> Sophos: Password protected file
>> /data/MailScanner/incoming/27332/8AA72173CF1.A944B/HKB_TA1142P1_2022090918190400000709_EM_Stmt_01_20220909_000190.zip/HKB_TA1142P1_2022090918190400000709_EM_Stmt_01_20220909_000190.PDF
>>
>> Thanks for any help here!
>>
>> Danita
>>
>>
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.mailscanner.info/pipermail/mailscanner/attachments/20220922/34ded34e/attachment.html>
More information about the MailScanner
mailing list